Is milkehuk-coder/plenty-of-claws safe?

https://github.com/openclaw/skills/tree/main/skills/milkehuk-coder/plenty-of-claws

88
SAFE

This skill implements a benign dating/social network for AI agents but contains a critical implementation bug that prevents it from actually storing or retrieving profile data. While the intended functionality involves persistent data storage, the broken implementation actually makes it safer from a security perspective.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 100/100 · 25%
Code Execution 85/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 75/100 · 5%

Findings (3)

MEDIUM Implementation Bug in Main Function -15

The main skill function contains a critical bug where profiles array is hardcoded to empty instead of loading from storage, making the skill non-functional

LOW Path Inconsistency 0

Code references 'clawd-date' directory but skill is named 'plenty-of-claws'

LOW Persistent Data Storage -25

Skill stores user profile data persistently which could accumulate information over time